Udiff functions_static.ksh
--- /workspace/du105637/oscposthot/webrev/usr/src/cmd/ha-services/gds-agents/PostgreSQL/functions_static.ksh- Tue Apr 22 05:14:55 2008
+++ functions_static.ksh Mon Apr 21 06:10:05 2008
@@ -19,11 +19,11 @@
#
# CDDL HEADER END
#
#
-# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+# Copyright 2008 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident "%Z%%M% %I% %E% SMI"
@@ -39,11 +39,19 @@
PMFADM=/usr/cluster/bin/pmfadm
UNAME=/usr/bin/uname
ECHO=/usr/bin/echo
AWK=/usr/bin/awk
EGREP=/usr/bin/egrep
+GREP=/usr/bin/grep
PROJECTS=/usr/bin/projects
+WC=/usr/bin/wc
+CAT=/usr/bin/cat
+ENV=/usr/bin/env
+RM=/usr/bin/rm
+SSH_AGENT=/usr/bin/ssh-agent
+SSH_ADD=/usr/bin/ssh-add
+CHMOD=/usr/bin/chmod
terminate()
{
debug_message "Function: terminate - Begin"
@@ -142,22 +150,45 @@
#
# This function assume the resource group name preset in the variable ${RESOURCEGROUP} and should be called
#
# $(rgs_zonename)
#
-# It passes back the zonename or nothing.
+# It passes back a zonename or nothing.
+# If there are more than one zones in the nodelist, it passes back either the zone where the resource group
+# is online or first one in the list.
debug_message "Function: rg_zonename - Begin "
${SET_DEBUG}
nodes_zone=
nodename=`${UNAME} -n`
- node=`${SCHA_RESOURCEGROUP_GET} -G ${RESOURCEGROUP} -O NODELIST|grep ${nodename}`
+ node=`${SCHA_RESOURCEGROUP_GET} -G ${RESOURCEGROUP} -O NODELIST|${EGREP} "${nodename}$|${nodename}:"`
- if ${ECHO} ${node} | grep : >/dev/null 2>&1
+ if ${ECHO} ${node} | ${GREP} : >/dev/null 2>&1
then
+ if [ `${ECHO} ${node}|${WC} -w` -gt 1 ]
+ then
+ online=0
+ for i in ${node}
+ do
+ if ${SCHA_RESOURCEGROUP_GET} -G ${RESOURCEGROUP} -O RG_state_node ${i}| ${GREP} -i online >/dev/null 2>&1
+ then
+ nodes_zone=`${ECHO} ${i} | ${AWK} -F: '{print $2}'`
+ online=1
+ fi
+ done
+
+ # check if we found a zone where the resource group is online, if not pick the first zone in the list
+
+ if [ ${online} -eq 0 ]
+ then
+ first_node=`${ECHO} ${node} | ${AWK} '{print $1}'`
+ nodes_zone=`${ECHO} ${first_node} | ${AWK} -F: '{print $2}'`
+ fi
+ else
nodes_zone=`${ECHO} ${node} | ${AWK} -F: '{print $2}'`
+ fi
fi
print ${nodes_zone}
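Review bot: The new `${EGREP}` pattern on the NODELIST line anchors the node name only at its end (`"${nodename}$|${nodename}:"`), so a host whose name is a suffix of another node's name (constructed example: `db1` and `proddb1`) would pick up the other node's entries as well, and dots in the name act as regex wildcards. Anchoring the start too, `${EGREP} "^${nodename}$|^${nodename}:"`, closes the suffix case; this assumes NODELIST prints one entry per line, which the `${WC} -w` count suggests but the hunk does not show. In the `for i in ${node}` loop there is no `break` after `online=1`, so the last online zone wins; a short comment should say whether that is intended. The function header lies outside the hunk.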
@@ -487,6 +518,101 @@
fi
debug_message "Function: restart_dependency - End"
return ${St}
+}
+
+start_ssh_agent()
+{
+ #
+ # Start an ssh-agent and add the decrypted private key.
+ # Only when the ssh-agent contains the private key, a ssh login without a
+ # passphrase challenge is possible.
+ #
+ # This function stores the environment variables SSH_AUTH_SOCK and
+ # SSH_AGENT_PID in /tmp/${RESOURCE}-ssh in a ksh compatible format.
+ #
+ # The start_ssh_agent function is meant to be called in the target users
+ # environment.
+ #
+ # The only necessary parameter is the passphrase of the target users
+ # private ssh key.
+ # If you use this function you should kill the started ssh-agent in your
+ # stop function.
+ #
+ # To do this you have to export the SSH_AGENT_PID from tmp/${RESOURCE}-ssh
+ # in the users environment and call /usr/bin/ssh-agent -k.
+ #
+ # The returncode of the start_ssh_agent function is 0 for success, and 1 for error.
+
+ debug_message "Function: start_ssh_agent - Begin"
+ ${SET_DEBUG}
+
+ SSH_PASS=${1}
+
+ rc_start_ssh_agent=0
+ export DISPLAY=""
+
+ # remove the SSH_ASKPASS script and the temporary store of SSH_AUTH_SOCK
+ # and SSH_AGENT_PID to satisfy noclobber
+
+ ${RM} /tmp/${RESOURCE}-askpass 2>/dev/null
+ ${RM} /tmp/${RESOURCE}-ssh 2>/dev/null
+
+ # start the ssh-agent
+
+ eval `${SSH_AGENT} -s` >/dev/null 2>&1
+ if [ ${?} -eq 0 ]
+ then
+ debug_message "Function: start_ssh_agent - ssh-agent started"
+
+ ${ENV} | ${EGREP} "SSH_AUTH_SOCK|SSH_AGENT_PID">/tmp/${RESOURCE}-ssh
+
+ # create the SSH_ASKPASS script needed for a headless ssh-agent
+
+ export SSH_ASKPASS=/tmp/${RESOURCE}-askpass
+ ${CAT} > ${SSH_ASKPASS} <<EOF
+#!/usr/bin/ksh
+# reads a passphrase at the ssh-agent command
+read x
+${ECHO} \${x}
+EOF
+ ${CHMOD} +x ${SSH_ASKPASS}
+
+ # decrypt the private key and store it in memory
+
+ if print ${SSH_PASS}|${SSH_ADD} >/dev/null 2>&1
+ then
+ debug_message "Function: start_ssh_agent - ssh-add successful, private key decryped and stored"
+ else
+ # SCMSGS
+ # @explanation
+ # The ssh passphrase passed to the start_ssh_agent function is wrong
+ # @user_action
+ # Fix the ssh passphrase entry in your parameters
+ scds_syslog -p daemon.err -t $(syslog_tag) -m \
+ "start_ssh_agent: The passphrase %s is wrong" \
+ "${SSH_PASS}"
+ rc_start_ssh_agent=1
+ fi
+
+ # remove the previously created askpass script
+
+ ${RM} ${SSH_ASKPASS}
+ else
+ # SCMSGS
+ # @explanation
+ # The ssh-agent is not startable for the given user
+ # @user_action
+ # Determine and fix the root cause by running the ssh-agent manually
+ # as the target user
+ scds_syslog -p daemon.err -t $(syslog_tag) -m \
+ "start_ssh_agent: The start of the ssh-agent was unsuccessful"
+ rc_start_ssh_agent=1
+
+ fi
+
+ debug_message "Function: start_ssh_agent - End"
+ return ${rc_start_ssh_agent}
+
}
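Review bot: The ssh-add failure branch writes the passphrase itself to syslog (`"start_ssh_agent: The passphrase %s is wrong"` with `"${SSH_PASS}"`), so a mistyped or rotated passphrase ends up readable in the daemon.err log and in anything that forwards it. The message should drop the argument, e.g. `"start_ssh_agent: ssh-add rejected the configured passphrase"`. The askpass script and the agent environment file are also created at fixed names under /tmp (`/tmp/${RESOURCE}-askpass`, `/tmp/${RESOURCE}-ssh`) right after an `${RM}`, which leaves a window in which another local user can pre-create or symlink those paths; a mode 0700 directory owned by the target user would avoid that. `print ${SSH_PASS}` is unquoted and lets print interpret backslashes and a leading dash, so `print -r -- "${SSH_PASS}"` is the safer form.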